Bugtraq: by thread
304 messages
starting Jul 01 08 and
ending Jul 31 08
Date index |
Thread index |
Author index
- Re: Rhythmbox Vulnerability wargame89 (Jul 01)
- Endless loop in Soldner 33724 Luigi Auriemma (Jul 01)
- [SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Jul 01)
- [USN-617-2] Samba regression Jamie Strandboge (Jul 01)
- [SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs (Jul 01)
- CFP 25C3 - The 25th Chaos Communication Congress 2008 fukami (Jul 01)
- [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Scanit Labs (Jul 01)
- [ GLSA 200807-01 ] Python: Multiple integer overflows Tobias Heinlein (Jul 01)
- [security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert (Jul 01)
- [ GLSA 200807-02 ] Motion: Execution of arbitrary code Tobias Heinlein (Jul 01)
- New Paper: More than 600 million users surf at high risk Stefan Frei (Jul 01)
- RE: New Paper: More than 600 million users surf at high risk Larry Seltzer (Jul 01)
- RE: New Paper: More than 600 million users surf at high risk Larry Seltzer (Jul 01)
- RE: New Paper: More than 600 million users surf at high risk Paul Schmehl (Jul 01)
- RE: New Paper: More than 600 million users surf at high risk Nick FitzGerald (Jul 02)
- Re: New Paper: More than 600 million users surf at high risk Rainer Duffner (Jul 02)
- RE: New Paper: More than 600 million users surf at high risk Jeff Martin (Jul 11)
- Re: New Paper: More than 600 million users surf at high risk Rob Thompson (Jul 12)
- Re: New Paper: More than 600 million users surf at high risk Rob Thompson (Jul 02)
- RE: New Paper: More than 600 million users surf at high risk Paul Schmehl (Jul 01)
- Vuln name: Ruby rb_ary_fill() DOS snagg (Jul 01)
- Deepsec Talks 2007 are online - registration for 2008 is open DeepSec 2008 (Jul 01)
- Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 Jan Minář (Jul 01)
- [SECURITY] [DSA 1560-1] New sympa packages fix denial of service Steve Kemp (Jul 01)
- [USN-619-1] Firefox vulnerabilities Jamie Strandboge (Jul 02)
- [tool] ratproxy - passive web application security assessment tool Michal Zalewski (Jul 02)
- ISEC 2008(Information Security Conference) Guide isec (Jul 02)
- Secunia Research: VLC Media Player WAV Processing Integer Overflow Secunia Research (Jul 02)
- Release of Pass-The-Hash Toolkit v1.4 Hernan Ochoa (Jul 02)
- rPSA-2008-0211-1 mercurial mercurial-hgk rPath Update Announcements (Jul 03)
- rPSA-2008-0212-1 tshark wireshark rPath Update Announcements (Jul 03)
- [ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
- [ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
- [ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
- [ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
- [SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities Thijs Kinkhorst (Jul 04)
- Local vulnerability in WeFi Client v3.2.1.4.1(Update) XiaShing (Jul 04)
- <Possible follow-ups>
- Re: Local vulnerability in WeFi Client v3.2.1.4.1(Update) galia (Jul 08)
- Unauthorized reading confirmation from Outlook Augusto Paes de Barros (Jul 04)
- Re: Unauthorized reading confirmation from Outlook Alexander Klink (Jul 09)
- [ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
- [ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities security (Jul 04)
- F5 FirePass 1200 SNMP daemon DoS nnposter (Jul 04)
- Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow [ISR] - Infobyte Security Research (Jul 04)
- [DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC Digital Security Research Group [DSecRG] (Jul 04)
- [ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities security (Jul 04)
- [ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability security (Jul 05)
- [ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability security (Jul 05)
- [ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability security (Jul 05)
- [ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability security (Jul 05)
- [SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution Florian Weimer (Jul 05)
- [oCERT-2008-007] libpoppler uninitialized pointer Andrea Barisani (Jul 07)
- Re: Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version Juha-Matti Laurio (Jul 07)
- [ GLSA 200807-03 ] PCRE: Buffer overflow Robert Buchholz (Jul 07)
- PHP-NUKE SQL Module's Name 4ndvddb lovebug (Jul 07)
- Pwnie Awards 2008 Alexander Sotirov (Jul 08)
- Re: Pwnie Awards 2008 David Litchfield (Jul 21)
- Call for Papers for the MEITSEC 2008 is now open. Meitsec2008 Conference (Jul 08)
- [security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Jul 08)
- [security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data security-alert (Jul 08)
- [SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning Florian Weimer (Jul 08)
- [SECURITY] [DSA 1604-1] BIND 8 deprecation notice Florian Weimer (Jul 08)
- XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower Jessica Hope (Jul 08)
- [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver Florian Weimer (Jul 08)
- [ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code Matthias Geerdsen (Jul 08)
- Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Cisco Systems Product Security Incident Response Team (Jul 08)
- iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability iDefense Labs (Jul 08)
- [USN-622-1] Bind vulnerability Kees Cook (Jul 08)
- [ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities security (Jul 08)
- Minneapolis DC612 Meeting July 10th, 2008@6pm David Bryan (Jul 08)
- rPSA-2008-0216-1 firefox rPath Update Announcements (Jul 09)
- rPSA-2008-0217-1 vsftpd rPath Update Announcements (Jul 09)
- [ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs security (Jul 09)
- [ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability security (Jul 09)
- Local information disclosure in WeFi Client v3.3.3.0 XiaShing (Jul 09)
- Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow Brett Moore (Jul 09)
- [SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code Steve Kemp (Jul 09)
- rPSA-2008-0218-1 ruby rPath Update Announcements (Jul 09)
- Microsoft DNS patch KB951748 incompatible with Zonealarm Pages-Web.com - Services internet (Jul 09)
- <Possible follow-ups>
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm jgable (Jul 12)
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm Steve Shockley (Jul 12)
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm nelsrob (Jul 14)
- Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm dwg5901 (Jul 16)
- [ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code Pierre-Yves Rofes (Jul 10)
- [ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability security (Jul 10)
- Context IS Advisory - MS08-39 OWA XSS Context IS - Disclosure (Jul 10)
- [ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities security (Jul 10)
- Nessus plugins for recent MS Bulletins Chandrashekhar B (Jul 10)
- Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED davee1 (Jul 10)
- gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability Ghost hacker (Jul 10)
- [ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code Robert Buchholz (Jul 10)
- phpuserbase 1.3 (menu) Remote File Inclusion Vulnerability Ghost hacker (Jul 10)
- rPSA-2008-0223-1 poppler rPath Update Announcements (Jul 10)
- [ GLSA 200807-06 ] Apache: Denial of Service Robert Buchholz (Jul 10)
- London DEFCON July meet - DC4420 - Thursday 10th July (today!) alien (Jul 10)
- [ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities security (Jul 10)
- [ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities security (Jul 10)
- iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability iDefense Labs (Jul 11)
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method mcalautt (Jul 11)
- Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method ProCheckUp Research (Jul 14)
- [ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability security (Jul 11)
- ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability zdi-disclosures (Jul 11)
- [SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Jul 11)
- [ GLSA 200807-08 ] BIND: Cache poisoning Matthias Geerdsen (Jul 11)
- [NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] Netragard Security Advisories (Jul 11)
- [ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability security (Jul 12)
- [ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability security (Jul 12)
- [SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass Devin Carraway (Jul 14)
- Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit Rotem-BugSec (Jul 14)
- Pluck Local File inclusion admin (Jul 14)
- FreeBSD Security Advisory FreeBSD-SA-08:06.bind FreeBSD Security Advisories (Jul 14)
- DeepSec 2008 - Last call for submissions DeepSec Conference Vienna (Jul 14)
- Yuhhu Pubs Black Cat Remote SQL Injection Exploit RM-x (Jul 14)
- CFP now open for ClubHack2008 - India ClubHack (Jul 15)
- HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040 security-alert (Jul 15)
- [USN-624-1] PCRE vulnerability Kees Cook (Jul 15)
- [ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability security (Jul 15)
- [SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues Steve Kemp (Jul 15)
- [SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code Steve Kemp (Jul 15)
- [SECURITY] [DSA 1569-3] New cacti packages fix regression Thijs Kinkhorst (Jul 16)
- [ GLSA 200807-09 ] Mercurial: Directory traversal Tobias Heinlein (Jul 16)
- iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability iDefense Labs (Jul 16)
- iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability iDefense Labs (Jul 16)
- iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability iDefense Labs (Jul 16)
- [ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability security (Jul 16)
- [security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alert (Jul 16)
- Oracle Application Server PLSQL injection flaw David Litchfield (Jul 16)
- Arbitrary code execution in Netrw version 127, Vim 7.2b Jan Minář (Jul 16)
- [security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert (Jul 16)
- [ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability security (Jul 16)
- [ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability adv (Jul 16)
- [DSECRG-08-028] File read in Velocity web-server Alexandr Polyakov (Jul 16)
- [SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness Florian Weimer (Jul 16)
- n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) security (Jul 16)
- openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability Ghost hacker (Jul 16)
- rPSA-2008-0035-1 httpd mod_ssl rPath Update Announcements (Jul 16)
- IETF Internet-Draft on TCP Port randomization Fernando Gont (Jul 16)
- [SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation Thijs Kinkhorst (Jul 16)
- [security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert (Jul 17)
- ekoparty security trainings (2008) announcement ekoparty (Jul 17)
- [DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5 Digital Security Research Group (Jul 17)
- HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alert (Jul 17)
- Oracle Portal XSS fixed by CPU July 2008 Andrea Purificato (Jul 17)
- [USN-623-1] Firefox vulnerabilities Jamie Strandboge (Jul 17)
- communitycms-0.1 Remote File Includion n3tr00t3r (Jul 17)
- ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability zdi-disclosures (Jul 17)
- ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow zdi-disclosures (Jul 17)
- ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability zdi-disclosures (Jul 17)
- Security Vacation Guide Pete Herzog (Jul 18)
- Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 18)
- Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Nikolai Weibull (Jul 18)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Jul 25)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 25)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Steven M. Christey (Jul 25)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 26)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz (Jul 25)
- Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář (Jul 25)
- Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities tan_prathan (Jul 18)
- [ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities security (Jul 18)
- Lateral SQL Injection Revisited - No Special Privs Required David Litchfield (Jul 18)
- <Possible follow-ups>
- Re: Lateral SQL Injection Revisited - No Special Privs Required a . polyakov (Jul 18)
- RE: Lateral SQL Injection Revisited - No Special Privs Required David Litchfield (Jul 19)
- [ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution ISecAuditors Security Advisories (Jul 18)
- [DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities Digital Security Research Group [DSecRG] (Jul 18)
- Windows Vista Power Management & Local Security Policy Abe Getchell (Jul 18)
- RE: Windows Vista Power Management & Local Security Policy Jim Harrison (Jul 19)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Jul 19)
- RE: Windows Vista Power Management & Local Security Policy Thor (Hammer of God) (Jul 21)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Jul 21)
- RE: Windows Vista Power Management & Local Security Policy Jim Harrison (Jul 21)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Jul 21)
- RE: Windows Vista Power Management & Local Security Policy James C. Slora Jr. (Jul 22)
- RE: Windows Vista Power Management & Local Security Policy Jim Harrison (Jul 22)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Jul 23)
- RE: Windows Vista Power Management & Local Security Policy Abe Getchell (Jul 19)
- RE: Windows Vista Power Management & Local Security Policy Greg (Jul 28)
- <Possible follow-ups>
- RE: Windows Vista Power Management & Local Security Policy Good Securitypractice (Jul 23)
- RE: Windows Vista Power Management & Local Security Policy Jim Harrison (Jul 19)
- [security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert (Jul 19)
- rPSA-2008-0231-1 bind bind-utils rPath Update Announcements (Jul 19)
- Oracle Database Local Untrusted Library Path Vulnerability Joxean Koret (Jul 19)
- <Possible follow-ups>
- Re: Oracle Database Local Untrusted Library Path Vulnerability jmpascual (Jul 21)
- Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani irancrash (Jul 21)
- [ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities security (Jul 21)
- EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) irancrash (Jul 21)
- Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani irancrash (Jul 21)
- [ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities security (Jul 21)
- Maran PHP Blog Xss By Khashayar Fereidani irancrash (Jul 21)
- EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability zhliu (Jul 21)
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability zhliu (Jul 21)
- Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system Julien Thomas (Jul 21)
- Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) irancrash (Jul 21)
- EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability Ghost hacker (Jul 21)
- MyBlog <=0.9.8 Multiple Vulnerabilities admin (Jul 21)
- Vim: Improper Implementation of shellescape()/Arbitrary Code Execution Jan Minář (Jul 21)
- FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability zhliu (Jul 21)
- [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 Digital Security Research Group [DSecRG] (Jul 21)
- Flip V3.0 final Cru3l . b0y (Jul 21)
- Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability Tester (Jul 21)
- [White Paper] Abusing HTML 5 Structured Client-side Storage Alberto Trivero (Jul 21)
- [SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 21)
- E-Mail header Injection in HiFriend Peter Wiesen (Jul 21)
- Re: E-Mail header Injection in HiFriend Adrian Pastor (Jul 29)
- [ GLSA 200807-10 ] Bacula: Information disclosure Pierre-Yves Rofes (Jul 21)
- <Possible follow-ups>
- Re: [ GLSA 200807-10 ] Bacula: Information disclosure dan (Jul 22)
- [ GLSA 200807-11 ] PeerCast: Buffer overflow Pierre-Yves Rofes (Jul 21)
- NULL pointer in ZDaemon 1.08.07 Luigi Auriemma (Jul 22)
- [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability security (Jul 22)
- Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw Tim Loshak (Jul 22)
- [ GLSA 200807-12 ] BitchX: Multiple vulnerabilities Pierre-Yves Rofes (Jul 22)
- [security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alert (Jul 22)
- FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability zhliu (Jul 22)
- [SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities Devin Carraway (Jul 22)
- [DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities Digital Security Research Group [DSecRG] (Jul 22)
- PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title ProCheckUp Research (Jul 22)
- PR08-15: Several Webroot Disclosures on Moodle ProCheckUp Research (Jul 22)
- PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page ProCheckUp Research (Jul 22)
- [USN-627-1] Dnsmasq vulnerability Jamie Strandboge (Jul 22)
- Outpost Security Suite Pro ver. 2009 Multiple vulnerabilities jplopezy (Jul 22)
- [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability security (Jul 23)
- AST-2008-010: Asterisk IAX 'POKE' resource exhaustion Asterisk Security Team (Jul 23)
- AST-2008-011: Traffic amplification in IAX2 firmware provisioning system Asterisk Security Team (Jul 23)
- [SECURITY] [DSA 1540-3] New lighttpd packages fix regression Thijs Kinkhorst (Jul 23)
- Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim Jan Minář (Jul 23)
- [USN-628-1] PHP vulnerabilities Jamie Strandboge (Jul 23)
- [SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff (Jul 23)
- [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Jul 23)
- Re: Wordpress Malicious File Execution Vulnerability otto (Jul 23)
- [ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security (Jul 23)
- CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit I)ruid (Jul 24)
- Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ganbold (Jul 25)
- Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Tuc at T-B-O-H.NET (Jul 25)
- Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ganbold (Jul 25)
- [SECURITY] [DSA 1616-1] new clamav packages fix denial of service Devin Carraway (Jul 24)
- [ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability security (Jul 24)
- [Full-disclosure] [tool] SDT Cleaner 1.0 Nahuel C. Riva (Jul 24)
- [USN-629-1] Thunderbird vulnerabilities Jamie Strandboge (Jul 25)
- [SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy Devin Carraway (Jul 25)
- Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow Secunia Research (Jul 25)
- XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities azzcoder (Jul 25)
- ezContents CMS Renote File inclusion security (Jul 25)
- SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability advisories (Jul 25)
- ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability zdi-disclosures (Jul 25)
- http://www.zerodayinitiative.com/advisories/ZDI-08-046 zdi-disclosures (Jul 25)
- ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability zdi-disclosures (Jul 25)
- [SECURITY] [DSA 1616-2] New clamav packages fix denial of service Devin Carraway (Jul 26)
- [ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jul 26)
- [SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 26)
- [SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing Devin Carraway (Jul 28)
- [SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities Moritz Muehlenhoff (Jul 28)
- how to request a cve id? xpzhang (Jul 28)
- <Possible follow-ups>
- Re: how to request a cve id? Steven M. Christey (Jul 28)
- [ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities security (Jul 28)
- [SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff (Jul 28)
- Security Bypass Vulnerabilities AXESSTEL Bboyhacks (Jul 28)
- [DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1 Digital Security Research Group [DSecRG] (Jul 28)
- Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations [ISR] - Infobyte Security Research (Jul 28)
- [security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS) security-alert (Jul 28)
- JamRoom <= 3.3.8 Authentication Bypass GulfTech Security Research (Jul 28)
- Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 supportrup (Jul 28)
- ViArt <= 3.5 SQL Injection GulfTech Security Research (Jul 28)
- Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100 Fabian Fingerle (Jul 28)
- iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability iDefense Labs (Jul 29)
- [ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability security (Jul 29)
- [USN-626-1] Firefox and xulrunner vulnerabilities Jamie Strandboge (Jul 29)
- rPSA-2008-0236-1 httpd mod_ssl rPath Update Announcements (Jul 29)
- PhpJobScheduler 3.1 Remote File Inclusion Vulnerability Ghost hacker (Jul 29)
- rPSA-2008-0238-1 firefox rPath Update Announcements (Jul 29)
- rPSA-2008-0237-1 tshark wireshark rPath Update Announcements (Jul 29)
- [USN-631-1] poppler vulnerability Kees Cook (Jul 29)
- plugin Rss Remote File Inclusion Vulnerability Ghost hacker (Jul 29)
- VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix VMware Security team (Jul 29)
- [DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136 Digital Security Research Group [DSecRG] (Jul 29)
- rPSA-2008-0235-1 fetchmail fetchmailconf rPath Update Announcements (Jul 29)
- Gregarius <= 0.5.4 SQL Injection GulfTech Security Research (Jul 29)
- n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) security (Jul 29)
- [USN-630-1] ffmpeg vulnerability Kees Cook (Jul 29)
- Remote Cisco IOS FTP exploit Andy Davis (Jul 29)
- RE: Remote Cisco IOS FTP exploit Paul Oxman (poxman) (Jul 30)
- [ MDVSA-2008:157 ] - ffmpeg security (Jul 29)
- shoutbox Remote Database Dawnload Exploit Ghost hacker (Jul 30)
- Cisco IOS shellcode explanation Andy Davis (Jul 30)
- HIOX Star Rating System 1.0 Remote File Inclusion Vulnerability Ghost hacker (Jul 30)
- Memory corruption and NULL pointer in Unreal Tournament III 1.2 Luigi Auriemma (Jul 30)
- HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability Ghost hacker (Jul 30)
- HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability Ghost hacker (Jul 30)
- NULL pointer in Unreal Tournament 2004 v3369 Luigi Auriemma (Jul 30)
- MJGuest 6.8 GT Cross Site Scripting Vulnerability irancrash (Jul 30)
- RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability cocoruder (Jul 30)
- Tool: PorkBind Nameserver Security Scanner super (Jul 30)
- Cisco IOS shellcode explanation - additional Andy Davis (Jul 30)
- [ MDVSA-2008:158 ] silc-toolkit security (Jul 30)
- DEV WMS Multiple Vulnerabilities irancrash (Jul 30)
- Citrix MetaFrame Privilege Escalation Wendel Guglielmetti Henrique (Jul 30)
- [ MDVSA-2008:159 ] licq security (Jul 31)
- [oCERT-2008-009] libxslt heap overflow Andrea Barisani (Jul 31)
- Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow Secunia Research (Jul 31)
- [security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access security-alert (Jul 31)
- [SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution Thijs Kinkhorst (Jul 31)
- Pligg <= 9.9.0 Multiple Vulnerabilities GulfTech Security Research (Jul 31)
- Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows Secunia Research (Jul 31)
- [~] Greetz : Me93fg & Mr.SaFa7 Ghost hacker (Jul 31)
- iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability iDefense Labs (Jul 31)
- [ GLSA 200807-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes (Jul 31)
- [ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code Pierre-Yves Rofes (Jul 31)
- [SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning Moritz Muehlenhoff (Jul 31)
- [ GLSA 200807-14 ] Linux Audit: Buffer overflow Pierre-Yves Rofes (Jul 31)
- [SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution Moritz Muehlenhoff (Jul 31)